Last month, we released product updates designed to reduce manual work, strengthen integration across systems, and support scale for enterprise GRC programs. From high-performance AWS organizational sync updates to enriched Rules Engine logic and API extensibility, these updates improve traceability, audit readiness, and operational efficiency across trust programs.
Continuous Compliance
Stay audit-ready without the scramble.
Drata transforms compliance from a one-time effort into a continuous state. With automated evidence collection, control monitoring, and framework mapping, teams can maintain readiness year-round—not just at audit time. This eliminates the need for spreadsheets, manual tracking, or reactive fire drills.
Public API Enhancements (Beta) Drata’s updated API provides teams with greater flexibility and control across compliance systems. New capabilities include support for custom fields, policy acknowledgements, and workspace-specific data access. Cursor-based pagination ensures better performance with large datasets, and updated documentation improves developer implementation.
SOC 2 Report Review Enhancements SOC report reviews now support longer text entries—up to 30,000 characters—in the Services, Control, and Finding fields. This makes it easier for teams to capture detailed findings without losing visibility during audits or internal reviews.
Azure GCC High Live Azure GCC High is out of beta and live for all customers—supporting secure, compliant operations for public sector and regulated industries.
Vendor & Internal Risk Management
Eliminate blind spots, unify risk, and act faster.
Risk lives everywhere—in vendors, systems, access, and policies. Drata centralizes it all, linking risks to controls, frameworks, and real-time evidence. The result? No more disconnected risk registers or missed issues. Just a clear, auditable path from detection to resolution.
Link Existing Jira Tickets
Teams can now link existing Jira tickets to Drata Risks, Controls, and Tests. This update to our Jira integration supports cleaner workflows across compliance and engineering teams, especially in high-scale environments
Vendor Filtering + Password Field Updates New filters help large enterprises focus only on the vendors they own. Plus, expanded password dropdown options improve data accuracy and flexibility during reviews.
Automated Governance
Turn governance into a system—not a spreadsheet.
Drata automates governance, the backbone of compliance programs: policy approvals, access reviews, control mapping, and audit prep. Instead of chasing down tasks or duplicating work, teams enforce governance through flexible workflows, integrated tools, and centralized control—all continuously monitored and audit-ready.
AWS Organizational Units Sync Optimization For organizations with large AWS environments, Drata now syncs AWS Organizational Units in parallel across sub-accounts. This enhancement improves asset visibility and enables more timely governance checks across distributed infrastructure. In fact, one customer reduced their daily sync time from ~10 hours to ~2 hours.
Paycom HRIS Integration
Drata now supports Paycom via Merge, making it easier to govern employee access and automate compliance tasks as your team grows. Sync personnel data directly into Drata to streamline onboarding, offboarding, and policy assignments.
Security Assurance
Prove trust—faster and at scale. Security isn’t a promise—it’s proof. Drata accelerates security assurance and helps organizations show their posture in real-time through automated evidence, trust portals, and audit readiness tools. Whether responding to security questionnaires or prepping for a SOC 2 attestation, teams move faster, build credibility, and close deals without delays.
Trust Center Rules Engine Enhancements The Rules Engine now supports auto-assigning multiple permission profiles and parsing CRM fields with multiple values. This allows for more precise automation when provisioning access to Trust Centers—reducing manual review time in complex CRM setups.
Knowledge Base Suggestions (Beta) SafeBase users can now submit questionnaire responses as suggestions to the Knowledge Base. Editors can review and approve these before publishing, helping teams scale trusted answers while maintaining KB accuracy.
Ironclad Support in Rules Engine Enterprise customers using Ironclad can now use SafeBase’s Rules Engine to verify whether NDAs have been signed. This reduces the need for manual checks during access reviews and supports automated approval logic based on contract status.
CRM Permission CheckerSupports HubSpot SafeBase’s CRM Permission Checker now includes HubSpot, enabling customers to verify integration permissions without manual testing. This builds on existing Salesforce support and further strengthens system governance.
What’s Coming Next
In the coming weeks, look out for expanded audit automation, enhanced AI-powered response tools, and continued API upgrades—focused on helping enterprise GRC teams move faster, with greater control.
From continuous compliance to automated governance, every monthly release is built to scale trust. Book a demo to explore what’s possible.
